mai-emi.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mai-emi.com/b0a/dispute/login/designs/verify.html
Submission: On December 02 via automatic, source openphish (December 2nd 2022, 1:14:43 pm UTC) — Scanned from NL

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mai-emi.com.

This is the only time mai-emi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	192.229.133.92 192.229.133.92	15133 (EDGECAST) (EDGECAST)
13	3

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

mai-emi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.133.92 (United States)

ASN15133 (EDGECAST, US)

secure2.bac-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	bac-assets.com secure2.bac-assets.com — Cisco Umbrella Rank: 199327	12 KB
2	mai-emi.com mai-emi.com	36 KB
13	2

	Domain	Requested by
5	secure2.bac-assets.com	mai-emi.com
2	mai-emi.com	mai-emi.com
13	2

This site contains links to these domains. Also see Links.

Domain
www.bankofamerica.com

Subject Issuer	Validity	Valid
secure2.bac-assets.com Entrust Certification Authority - L1M	`2021-12-20` - `2022-12-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://mai-emi.com/b0a/dispute/login/designs/verify.html
Frame ID: 3841EADA45221C08DA22FCF746AED084
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank of America | Online Banking | Forgot User ID & Password

Page Statistics

13
Requests

38 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

47 kB
Transfer

437 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bankofamerica.com/

Search URL Search Domain Scan URL

URL: https://www.bankofamerica.com/global/securepage.action
Title: Secure Area

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request verify.html Show response
mai-emi.com/b0a/dispute/login/designs/ 421 KB
35 KB 516ms
316ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a58d5607a731a169e4467b30d33b2f30bff8b9f3d1948c6507be9997f67fc363

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 773453a70ded9271-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 02 Dec 2022 13:14:38 GMT
Last-Modified: Sat, 27 Aug 2022 12:48:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arjpBws645QY6%2BSV%2F5hnkJohqXU6uGIfHxm6lILzvFAx1Rl05iuIepmzgRTCwJueTGpS3UBz5UINiQ7x9E2MU6HH9xuNFKIaAflf4L8D0QkWi4BBxJBsluM15cFzIchPQpVC65%2Fl0rPxpg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 assets-images-global-logos-BofA_rgb-CSX5624a146.svg
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ 3 KB
2 KB 90ms
15ms Image
image/svg+xml 192.229.133.92
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/assets-images-global-logos-BofA_rgb-CSX5624a146.svg

Requested by

Host: mai-emi.com
URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.92 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC0) /

Resource Hash

6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mai-emi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 5098422
x-boa-requestid: YzwuibiOmybh1Mr56QhuBQAAAHU
x-cache: HIT
content-length: 1603
last-modified: Fri, 15 Mar 2019 14:03:16 GMT
server: ECS (amb/6BC0)
etag: "dc7-5842280127100"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 02 Dec 2023 13:14:39 GMT

GET
H2 200 assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ 2 KB
1 KB 91ms
16ms Image
image/svg+xml 192.229.133.92
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg

Requested by

Host: mai-emi.com
URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.92 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBC) /

Resource Hash

46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mai-emi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 5098422
x-boa-requestid: Yzwuia0jwNGUzWRC9wz7qQAAAnY
x-cache: HIT
content-length: 1009
last-modified: Fri, 15 Mar 2019 14:03:16 GMT
server: ECS (amb/6BBC)
etag: "7d7-5842280127100"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 02 Dec 2023 13:14:39 GMT

GET
H2 200 assets-images-global-header-secure-lock-CSXa09bf5fc.svg
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ 353 B
359 B 89ms
17ms Image
image/svg+xml 192.229.133.92
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/assets-images-global-header-secure-lock-CSXa09bf5fc.svg

Requested by

Host: mai-emi.com
URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.92 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B8A) /

Resource Hash

ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mai-emi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 5098421
x-boa-requestid: YzwuinM0HN3_UZmg4smjUAAAAAs
x-cache: HIT
content-length: 257
last-modified: Fri, 02 Nov 2018 14:41:29 GMT
server: ECS (amb/6B8A)
etag: "161-579af87d9f840"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 02 Dec 2023 13:14:39 GMT

GET
H2 200 assets-images-global-title-flagscape_red-CSX345e7fd7.svg
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ 2 KB
1 KB 88ms
16ms Image
image/svg+xml 192.229.133.92
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/assets-images-global-title-flagscape_red-CSX345e7fd7.svg

Requested by

Host: mai-emi.com
URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.92 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B94) /

Resource Hash

a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mai-emi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 5098421
x-boa-requestid: YzwuijBorRxVzOmFazww1AAAAOY
x-cache: HIT
content-length: 1201
last-modified: Fri, 02 Nov 2018 14:41:29 GMT
server: ECS (amb/6B94)
etag: "84c-579af87d9f840"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=26920000, public
accept-ranges: bytes
expires: Sat, 02 Dec 2023 13:14:39 GMT

GET cnx-regular.woff2
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 0
0

GET cnx-medium.woff2
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ 0
0

GET
H2 200 assets-images-site-secure-ah-forgot-common-sample-check-CSX2ef22a73.png
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ 7 KB
7 KB 15ms
15ms Image
image/png 192.229.133.92
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/assets-images-site-secure-ah-forgot-common-sample-check-CSX2ef22a73.png

Requested by

Host: mai-emi.com
URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.92 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BC5) /

Resource Hash

36936c7545dae08fd958b2d652f646e772a2554f52a26c49b34d05a7372309af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mai-emi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:14:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 02 Nov 2018 14:41:29 GMT
server: ECS (amb/6BC5)
age: 5097531
etag: "1b6a-579af87d9f840"
x-boa-requestid: YzwyBNTSxzaZ0L8q1WasJgAAAFM
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: image/png
cache-control: max-age=26920000, public
accept-ranges: bytes
content-length: 7018
expires: Sat, 02 Dec 2023 13:14:39 GMT

GET
H/1.1 200
OK ssn.js Show response
mai-emi.com/b0a/dispute/login/designs/ 443 B
991 B 377ms
377ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://mai-emi.com/b0a/dispute/login/designs/ssn.js
Requested by: Host: mai-emi.com
URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e784b1a75528ca2c36e0d91d7b74e50bcbfdd374a5248f3d1ac667366b9c393e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://mai-emi.com/b0a/dispute/login/designs/verify.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 13:14:39 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 02 Dec 2022 13:14:39 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rv2gmNH29rQaazqRy5mRF3pKpO4hktK1A%2F5ZYhYi59WdXVz%2Fm4iofvo9zCV248qQ3o0l%2BGMcjotBUjh0BMf4T5pw2mJuzr2muo4l0yZAkucOAsBndrUuw1jUL2fetAmcPreT%2Bhf4fMwDnw%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 773453aabc599271-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET cnx-regular.woff
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 0
0

GET cnx-medium.woff
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ 0
0

GET cnx-medium.ttf
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ 0
0

GET cnx-regular.ttf
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure2.bac-assets.com
URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2

Domain: secure2.bac-assets.com
URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff2

Domain: secure2.bac-assets.com
URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff

Domain: secure2.bac-assets.com
URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff

Domain: secure2.bac-assets.com
URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.ttf

Domain: secure2.bac-assets.com
URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html Message: Access to font at 'https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2' from origin 'http://mai-emi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html Message: Access to font at 'https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff2' from origin 'http://mai-emi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html Message: Access to font at 'https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff' from origin 'http://mai-emi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html Message: Access to font at 'https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff' from origin 'http://mai-emi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html Message: Access to font at 'https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.ttf' from origin 'http://mai-emi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://mai-emi.com/b0a/dispute/login/designs/verify.html Message: Access to font at 'https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf' from origin 'http://mai-emi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mai-emi.com
secure2.bac-assets.com
secure2.bac-assets.com
192.229.133.92
2a06:98c1:3121::3
36936c7545dae08fd958b2d652f646e772a2554f52a26c49b34d05a7372309af
46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b
a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a
a58d5607a731a169e4467b30d33b2f30bff8b9f3d1948c6507be9997f67fc363
e784b1a75528ca2c36e0d91d7b74e50bcbfdd374a5248f3d1ac667366b9c393e
ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a

mai-emi.com Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

38 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

47 kBTransfer

437 kBSize

0 Cookies

2 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

12 Console Messages

Indicators

mai-emi.com Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

38 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

47 kB
Transfer

437 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!